overmind
/
matrix-docker-ansible-deploy
огледало од https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Креирај огранак 0
Код Дискусије 0 Издања 0 Вики Activity
Matrix Docker Ansible eploy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8784 Комити
13 Гране
36 MiB
 
 
Дрво: fa4ebd2a64
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'fa4ebd2a64'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-livekit-server/defaults/main.yml

133 lines
7.5 KiB
Датотека Blame Историја 

  1. ---

  2. 

  3. # Project source code URL: https://github.com/livekit/livekit

  4. 

  5. livekit_server_enabled: false

  6. 

  7. # Base path configuration

  8. livekit_server_base_path: "{{ matrix_base_data_path }}/livekit-server"

  9. 

  10. # renovate: datasource=docker depName=livekit/livekit-server

  11. livekit_server_version: v1.8.0

  12. 

  13. livekit_server_hostname: ""

  14. livekit_server_path_prefix: "/"

  15. 

  16. # Docker network configuration

  17. livekit_server_container_network: ''

  18. livekit_server_container_http_host_bind_port: ''

  19. 

  20. livekit_server_container_additional_networks: "{{ livekit_server_container_additional_networks_auto + livekit_server_container_additional_networks_custom }}"

  21. livekit_server_container_additional_networks_auto: []

  22. livekit_server_container_additional_networks_custom: []

  23. 

  24. livekit_server_container_image_self_build: false

  25. livekit_server_container_repo: "https://github.com/livekit/livekit.git"

  26. livekit_server_container_repo_version: "{{ 'main' if livekit_server_version == 'latest' else livekit_server_version }}"

  27. livekit_server_container_src_files_path: "{{ livekit_server_base_path }}/container-src"

  28. 

  29. livekit_server_container_image: "{{ livekit_server_container_image_name_prefix }}livekit/livekit-server:{{ livekit_server_version }}"

  30. livekit_server_container_image_name_prefix: "{{ 'localhost/' if livekit_server_container_image_self_build else 'docker.io/' }}"

  31. livekit_server_container_image_force_pull: "{{ livekit_server_container_image.endswith(':latest') }}"

  32. 

  33. # LiveKit configuration

  34. livekit_server_livekit_server_dev_key: "{{ livekit_server_dev_key }}"  # Must be defined in host_vars

  35. livekit_server_jwt_secret:  "{{ matrix_element_call_jwt_secret }}"  # Must be defined in host_vars

  36. livekit_server_hostname: "sfu.{{ matrix_domain }}"

  37. 

  38. # Traefik Configuration for Element Call

  39. livekit_server_container_labels_traefik_enabled: true

  40. livekit_server_container_labels_traefik_docker_network: "{{ livekit_server_container_network }}"

  41. livekit_server_container_labels_traefik_hostname: "{{ livekit_server_hostname }}"

  42. # The path prefix must either be `/` or not end with a slash (e.g. `/element`).

  43. livekit_server_container_labels_traefik_path_prefix: "{{ livekit_server_path_prefix }}"

  44. livekit_server_container_labels_traefik_rule: "Host(`{{ livekit_server_container_labels_traefik_hostname }}`){% if livekit_server_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ livekit_server_container_labels_traefik_path_prefix }}`){% endif %}"

  45. livekit_server_container_labels_traefik_priority: 0

  46. livekit_server_container_labels_traefik_entrypoints: web-secure

  47. livekit_server_container_labels_traefik_tls: "{{ livekit_server_container_labels_traefik_entrypoints != 'web' }}"

  48. livekit_server_container_labels_traefik_tls_certResolver: default  # noqa var-naming

  49. 

  50. # Controls which additional headers to attach to all HTTP responses.

  51. # To add your own headers, use `livekit_server_container_labels_traefik_additional_response_headers_custom`

  52. livekit_server_container_labels_traefik_additional_response_headers: "{{ livekit_server_container_labels_traefik_additional_response_headers_auto | combine(livekit_server_container_labels_traefik_additional_response_headers_custom) }}"

  53. livekit_server_container_labels_traefik_additional_response_headers_auto: |

  54.   {{

  55.     {}

  56.     | combine ({'X-XSS-Protection': livekit_server_http_header_xss_protection} if livekit_server_http_header_xss_protection else {})

  57.     | combine ({'X-Frame-Options': livekit_server_http_header_frame_options} if livekit_server_http_header_frame_options else {})

  58.     | combine ({'X-Content-Type-Options': livekit_server_http_header_content_type_options} if livekit_server_http_header_content_type_options else {})

  59.     | combine ({'Content-Security-Policy': livekit_server_http_header_content_security_policy} if livekit_server_http_header_content_security_policy else {})

  60.     | combine ({'Permission-Policy': livekit_server_http_header_content_permission_policy} if livekit_server_http_header_content_permission_policy else {})

  61.     | combine ({'Strict-Transport-Security': livekit_server_http_header_strict_transport_security} if livekit_server_http_header_strict_transport_security and livekit_server_container_labels_traefik_tls else {})

  62.   }}

  63. livekit_server_container_labels_traefik_additional_response_headers_custom: {}

  64. 

  65. # matrix_client_element_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.

  66. # See `../templates/labels.j2` for details.

  67. #

  68. # Example:

  69. # matrix_client_element_container_labels_additional_labels: |

  70. #   my.label=1

  71. #   another.label="here"

  72. livekit_server_container_labels_additional_labels: ''

  73. 

  74. # A list of extra arguments to pass to the container

  75. livekit_server_container_extra_arguments: []

  76. 

  77. # Additional environment variables for the container

  78. livekit_server_environment_variables_additional: {}

  79. 

  80. # List of systemd services that matrix-element-call.service depends on

  81. livekit_server_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"

  82. 

  83. # Specifies the value of the `X-XSS-Protection` header

  84. # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

  85. #

  86. # Learn more about it is here:

  87. # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

  88. # - https://portswigger.net/web-security/cross-site-scripting/reflected

  89. livekit_server_http_header_xss_protection: ''

  90. 

  91. # Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.

  92. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

  93. livekit_server_http_header_frame_options: ''

  94. 

  95. # Specifies the value of the `X-Content-Type-Options` header.

  96. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

  97. livekit_server_http_header_content_type_options: ''

  98. 

  99. # Specifies the value of the `Content-Security-Policy` header.

  100. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

  101. livekit_server_http_header_content_security_policy: ''

  102. 

  103. # Specifies the value of the `Permission-Policy` header.

  104. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy

  105. livekit_server_http_header_content_permission_policy: ''

  106. 

  107. # Specifies the value of the `Strict-Transport-Security` header.

  108. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

  109. livekit_server_http_header_strict_transport_security: ''

  110. 

  111. # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses

  112. #

  113. # Learn more about what it is here:

  114. # - https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea

  115. # - https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network

  116. # - https://amifloced.org/

  117. #

  118. # Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices.

  119. # See: `livekit_server_content_permission_policy`

  120. livekit_server_floc_optout_enabled: false

  121. 

  122. # Controls if HSTS preloading is enabled

  123. #

  124. # In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and

  125. # indicates a willingness to be "preloaded" into browsers:

  126. # `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`

  127. # For more information visit:

  128. # - https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

  129. # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

  130. # - https://hstspreload.org/#opt-in

  131. # See: `livekit_server_http_header_strict_transport_security`

  132. livekit_server_hsts_preload_enabled: true